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DETAILED ACTION 

Response to Arguments 

1 . Applicant argues that Blonder fail to disclose of "logging onto a technical system 
response checking that the selected graphic of the response code correlates with the 
stored user code". The examiner respectfully disagrees with the applicant's assertion, 
Blonder discloses that the tap regions correspond to the password, so the selected 
graphic response code correlates with the stored user code in order to grant access, 
see column 5, lines 7-15. The elements must be arranged as required by the claim, but 
this is not an ipsissimis verbis test, i.e., identity of terminology is not required. In re 
Bond, 91 0 F.2d 831 , 1 5 USPQ2d 1 566 (Fed. Cir. 1 990). 

2. Applicant's arguments with respect to claims 22-42 have been considered but are 
moot in view of the new grounds of rejection. 

Information Disclosure Statement 

3. The information disclosure statement (IDS) submitted on June 8, 201 1 is in 
compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure 
statement is being considered by the examiner. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 22-35 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Blonder, U.S. Patent 5,559,961 in view of Davies, U.S. Patent 5,608,387. 

As per claim 22, it is taught of a method for safely logging on to a technical 
system by means of a user code stored in the system, comprising a) displaying a 
selection code having a plurality of graphics; b) displaying a response code having a 
plurality of graphics; c) receiving a selection of one of the plurality of graphics from the 
response code; d) checking the selected graphic of the response code in accordance 
with a stored user code; and e) logging on to the technical system upon checking that 
the selected graphic of the response code correlates with the stored user code (col. 3, 
lines 23-31 ; col. 3, line 55 through col. 4, line 25; and col. 5, lines 7-15). The teachings 
of Blonder fail to disclose of displaying a plurality of decoy selection graphics and 
wherein the matching response graphic having at least one property that, according to 
stored user code, is associated with at least one property of at least one of the plurality 
of graphics from the selection code. The teachings of Davies disclose of displaying a 
plurality of decoy selection graphics and wherein the matching response graphic having 
at least one property that, according to stored user code, is associated with at least one 
property of at least one of the plurality of graphics from the selection code (col. 4, lines 
1 -1 6 & 41 -67). It would have been obvious to a person of ordinary skill in the art at the 
time of the invention to have been motivated to apply decoy selections in order to hide, 
or confuse unauthorized users from selecting the correct images in order to gain 
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access. The teachings of Davies indicate that an image that may be false for one user 
may be a key image for another user, hence being a decoy image (col. 2, lines 36-43). 

As per claim 23, it is disclosed wherein the selection code and the response code 
are displayed simultaneously (as shown in Figure 4). 

As per claim 24, it is taught wherein the selection code and the response code 
are displayed consecutively (as shown in Figure 4). 

As per claim 25, it is disclosed of repeating steps a), b), c), and d), prior to 
performing step e) and after changing at least one of the selection code and the 
response code, to generate a sequence of selected response code graphics; wherein 
checking that the selected graphic of the response code correlates with the stored user 
code includes checking the sequence of selected response code graphics (col. 3, lines 
23-31 ; col. 3, line 55 through col. 4, line 25; and col. 5, lines 7-15). 

As per claim 26, it is taught wherein steps a) through d) are repeated a number 
of times determined by the technical system (col. 4, lines 30-58). 

As per claim 27, it disclosed of further comprising of displaying a plurality of 
additional graphics in addition to the selection code (col. 3, lines 23-31 and col. 5, lines 
7-15). 

As per claim 28, it taught wherein the selection code and the additional graphics 
are grouped into units, each unit having an identifier; and wherein at least one unit 
contains the selection code, and the user code includes the identifier of the at least one 
unit containing the selection code (col. 3, lines 23-31 ; col. 3, line 55 through col. 4, line 
25; and col. 5, lines 7-15). 
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As per claim 29, it is disclosed of further comprising displaying a plurality of 
additional graphics in addition to the response code (col. 3, lines 23-31 and col. 5, lines 
7-15). 

As per claim 30, it is taught wherein the response code and the additional 
graphics are grouped into sets, each set having an identifier; and wherein at least one 
set contains the response code, and the user code includes the identifier of the at least 
one set containing the response code (col. 3, lines 23-31 ; col. 3, line 55 through col. 4, 
line 25; and col. 5, lines 7-15). 

As per claim 31 , it disclosed wherein receiving the selection of the selected 
graphic of the response code comprises receiving the selection via a touch-screen (col. 
2, lines 23-24 and col. 3, lines 57-63). 

As per claim 32, it is taught wherein receiving the selection of the selected 
graphic of the response code comprises receiving the selection via a keyboard key 
associated with the selected graphic of the response code (col. 3, lines 57-63). 

As per claim 33, it is disclosed wherein at least one of the color, shape, pattern, 
and movement of at least one graphic of the response code is associated with at least 
one graphic of the selection code (col. 3, lines 57-63 and as shown in Figure 4). 

As per claim 34, it is taught of further comprising repeating steps a) though d) 
upon determining that the selected graphic of the response code does not correlate with 
the stored user code (col. 3, line 55 through col. 4, line 3). 

As per claim 35, it is disclosed wherein steps a) through d) may be performed at 
most a predetermined number of times (col. 3, line 55 through col. 4, line 3). 
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6. Claims 36-42 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Blonder, U.S. Patent 5,559,961 , in view of Davies, U.S. Patent 5,608,387, in further 
view of Jalili, U.S. Patent 6,209,104. 

As per claims 36,37, and 42, Blonder fails to disclose wherein the selected 
graphic of the response code is transmitted to the technical system for comparison with 
the user code in encrypted format. Jalili teaches wherein the selected graphic of the 
response code is transmitted to the technical system for comparison with the user code 
in encrypted format (col. 3, lines 10-22; col. 9, lines 19-25 & 51-54; col. 10, lines 46-59; 
and col. 1 1 , lines 1 4-1 8). It would have been obvious to a person of ordinary skill in the 
art to have been motivated to transmit password data to a second device in encrypted 
form in order to secure the transmission of the content from unauthorized access by an 
unauthorized user. The teachings of Jalili call for the encryption of the transmission 
data as a means to prevent interception of the graphical password information (col. 10, 
lines 57-59). 

As per claim 38, it is taught by Blonder of a device for logging on to a technical 
system, the device comprising a display for displaying a selection code, the selection 
code including a plurality of graphics, the display further for displaying a response code, 
the response code including a plurality of graphics; a first device for receiving a 
selection of at least one graphic from the response code; and checking the selected 
graphic of the response code according to the stored user code, wherein the device 
logs on to the technical system upon determining that the selected graphic from the 
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response code correlates with the stored user code (col. 3, lines 23-31 ; col. 3, line 55 
through col. 4, line 25; and col. 5, lines 7-15). The teachings of Blonder fail to disclose 
of displaying a plurality of decoy selection graphics and wherein the matching response 
graphic having at least one property that, according to stored user code, is associated 
with at least one property of at least one of the plurality of graphics from the selection 
code. The teachings of Davies disclose of displaying a plurality of decoy selection 
graphics and wherein the matching response graphic having at least one property that, 
according to stored user code, is associated with at least one property of at least one of 
the plurality of graphics from the selection code (col. 4, lines 1 -1 6 & 41 -67). It would 
have been obvious to a person of ordinary skill in the art at the time of the invention to 
have been motivated to apply decoy selections in order to hide, or confuse unauthorized 
users from selecting the correct images in order to gain access. The teachings of 
Davies indicate that an image that may be false for one user may be a key image for 
another user, hence being a decoy image (col. 2, lines 36-43). 

Blonder and Davies fails to disclose wherein the selected graphic of the response 
code is transmitted to a second device for comparison with the user code. Jalili teaches 
wherein the selected graphic of the response code is transmitted to a server (second 
device) for comparison with the user code (col. 3, lines 10-22 and col. 9, lines 19-25 & 
51 -54). It would have been obvious to a person of ordinary skill in the art to have been 
motivated to transmit password data to a second device for comparison in order to grant 
access. The teachings of Jalili call for the transmission data to a server in order to 
ensure that the content is not readily susceptible to observation during entry when a 
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user desires access to resources provided by the server (col. 2, lines 64-67 and col. 6, 
lines 3-7 & 21-27). 

As per claim 39, it is disclosed by Blonder wherein the selection code and the 
response code are displayed simultaneously (as shown in Figure 4). 

As per claim 40, it is taught by Blonder wherein receiving the selection of the 
selected graphic of the response code comprises receiving the selection via a keyboard 
key associated with the selected graphic of the response code (col. 3, lines 57-63). 

As per claim 41 , it disclosed by Blonder wherein receiving the selection of the 
selected graphic of the response code comprises receiving the selection via a touch- 
screen (col. 2, lines 23-24 and col. 3, lines 57-63). 

Conclusion 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CHRISTOPHER REVAK whose telephone number is 
(571)272-3794. The examiner can normally be reached on Monday-Thursday, 9:00am- 
5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nathan Flynn can be reached on 517-272-1915. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Christopher A. Revak/ 
Primary Examiner, Art Unit 2431 



